1# SPDX-License-Identifier: GPL-2.0-only 2menu "EFI (Extensible Firmware Interface) Support" 3 depends on EFI 4 5config EFI_VARS 6 tristate "EFI Variable Support via sysfs" 7 depends on EFI 8 default n 9 help 10 If you say Y here, you are able to get EFI (Extensible Firmware 11 Interface) variable information via sysfs. You may read, 12 write, create, and destroy EFI variables through this interface. 13 14 Note that using this driver in concert with efibootmgr requires 15 at least test release version 0.5.0-test3 or later, which is 16 available from: 17 <http://linux.dell.com/efibootmgr/testing/efibootmgr-0.5.0-test3.tar.gz> 18 19 Subsequent efibootmgr releases may be found at: 20 <http://github.com/vathpela/efibootmgr> 21 22config EFI_ESRT 23 bool 24 depends on EFI && !IA64 25 default y 26 27config EFI_VARS_PSTORE 28 tristate "Register efivars backend for pstore" 29 depends on EFI_VARS && PSTORE 30 default y 31 help 32 Say Y here to enable use efivars as a backend to pstore. This 33 will allow writing console messages, crash dumps, or anything 34 else supported by pstore to EFI variables. 35 36config EFI_VARS_PSTORE_DEFAULT_DISABLE 37 bool "Disable using efivars as a pstore backend by default" 38 depends on EFI_VARS_PSTORE 39 default n 40 help 41 Saying Y here will disable the use of efivars as a storage 42 backend for pstore by default. This setting can be overridden 43 using the efivars module's pstore_disable parameter. 44 45config EFI_RUNTIME_MAP 46 bool "Export efi runtime maps to sysfs" 47 depends on X86 && EFI && KEXEC_CORE 48 default y 49 help 50 Export efi runtime memory maps to /sys/firmware/efi/runtime-map. 51 That memory map is used for example by kexec to set up efi virtual 52 mapping the 2nd kernel, but can also be used for debugging purposes. 53 54 See also Documentation/ABI/testing/sysfs-firmware-efi-runtime-map. 55 56config EFI_FAKE_MEMMAP 57 bool "Enable EFI fake memory map" 58 depends on EFI && X86 59 default n 60 help 61 Saying Y here will enable "efi_fake_mem" boot option. 62 By specifying this parameter, you can add arbitrary attribute 63 to specific memory range by updating original (firmware provided) 64 EFI memmap. 65 This is useful for debugging of EFI memmap related feature. 66 e.g. Address Range Mirroring feature. 67 68config EFI_MAX_FAKE_MEM 69 int "maximum allowable number of ranges in efi_fake_mem boot option" 70 depends on EFI_FAKE_MEMMAP 71 range 1 128 72 default 8 73 help 74 Maximum allowable number of ranges in efi_fake_mem boot option. 75 Ranges can be set up to this value using comma-separated list. 76 The default value is 8. 77 78config EFI_PARAMS_FROM_FDT 79 bool 80 help 81 Select this config option from the architecture Kconfig if 82 the EFI runtime support gets system table address, memory 83 map address, and other parameters from the device tree. 84 85config EFI_RUNTIME_WRAPPERS 86 bool 87 88config EFI_ARMSTUB 89 bool 90 91config EFI_ARMSTUB_DTB_LOADER 92 bool "Enable the DTB loader" 93 depends on EFI_ARMSTUB 94 default y 95 help 96 Select this config option to add support for the dtb= command 97 line parameter, allowing a device tree blob to be loaded into 98 memory from the EFI System Partition by the stub. 99 100 If the device tree is provided by the platform or by 101 the bootloader this option may not be needed. 102 But, for various development reasons and to maintain existing 103 functionality for bootloaders that do not have such support 104 this option is necessary. 105 106config EFI_BOOTLOADER_CONTROL 107 tristate "EFI Bootloader Control" 108 depends on EFI_VARS 109 default n 110 ---help--- 111 This module installs a reboot hook, such that if reboot() is 112 invoked with a string argument NNN, "NNN" is copied to the 113 "LoaderEntryOneShot" EFI variable, to be read by the 114 bootloader. If the string matches one of the boot labels 115 defined in its configuration, the bootloader will boot once 116 to that label. The "LoaderEntryRebootReason" EFI variable is 117 set with the reboot reason: "reboot" or "shutdown". The 118 bootloader reads this reboot reason and takes particular 119 action according to its policy. 120 121config EFI_CAPSULE_LOADER 122 tristate "EFI capsule loader" 123 depends on EFI 124 help 125 This option exposes a loader interface "/dev/efi_capsule_loader" for 126 users to load EFI capsules. This driver requires working runtime 127 capsule support in the firmware, which many OEMs do not provide. 128 129 Most users should say N. 130 131config EFI_CAPSULE_QUIRK_QUARK_CSH 132 bool "Add support for Quark capsules with non-standard headers" 133 depends on X86 && !64BIT 134 select EFI_CAPSULE_LOADER 135 default y 136 help 137 Add support for processing Quark X1000 EFI capsules, whose header 138 layout deviates from the layout mandated by the UEFI specification. 139 140config EFI_TEST 141 tristate "EFI Runtime Service Tests Support" 142 depends on EFI 143 default n 144 help 145 This driver uses the efi.<service> function pointers directly instead 146 of going through the efivar API, because it is not trying to test the 147 kernel subsystem, just for testing the UEFI runtime service 148 interfaces which are provided by the firmware. This driver is used 149 by the Firmware Test Suite (FWTS) for testing the UEFI runtime 150 interfaces readiness of the firmware. 151 Details for FWTS are available from: 152 <https://wiki.ubuntu.com/FirmwareTestSuite> 153 154 Say Y here to enable the runtime services support via /dev/efi_test. 155 If unsure, say N. 156 157config APPLE_PROPERTIES 158 bool "Apple Device Properties" 159 depends on EFI_STUB && X86 160 select EFI_DEV_PATH_PARSER 161 select UCS2_STRING 162 help 163 Retrieve properties from EFI on Apple Macs and assign them to 164 devices, allowing for improved support of Apple hardware. 165 Properties that would otherwise be missing include the 166 Thunderbolt Device ROM and GPU configuration data. 167 168 If unsure, say Y if you have a Mac. Otherwise N. 169 170config RESET_ATTACK_MITIGATION 171 bool "Reset memory attack mitigation" 172 depends on EFI_STUB 173 help 174 Request that the firmware clear the contents of RAM after a reboot 175 using the TCG Platform Reset Attack Mitigation specification. This 176 protects against an attacker forcibly rebooting the system while it 177 still contains secrets in RAM, booting another OS and extracting the 178 secrets. This should only be enabled when userland is configured to 179 clear the MemoryOverwriteRequest flag on clean shutdown after secrets 180 have been evicted, since otherwise it will trigger even on clean 181 reboots. 182 183endmenu 184 185config UEFI_CPER 186 bool 187 188config UEFI_CPER_ARM 189 bool 190 depends on UEFI_CPER && ( ARM || ARM64 ) 191 default y 192 193config UEFI_CPER_X86 194 bool 195 depends on UEFI_CPER && X86 196 default y 197 198config EFI_DEV_PATH_PARSER 199 bool 200 depends on ACPI 201 default n 202 203config EFI_EARLYCON 204 def_bool y 205 depends on SERIAL_EARLYCON && !ARM && !IA64 206 select FONT_SUPPORT 207 select ARCH_USE_MEMREMAP_PROT 208